Armed with a “state of the industry” survey, most companies try to identify gaps to play catch up. In cybersecurity, that is too late. Companies need to stay a step ahead of malicious actors.
Some companies, like Shell Oil, are known for creating a variety of possible scenarios for the future and preparing for all of them. But with security, that is a nearly infinite task. The ideal choice would be to find someone who can predict future threats and to prepare for them in the present.
SEE: Security threats on the horizon: What IT pro’s need to know (free PDF) (TechRepublic)
That’s not as far-fetched as it seems.
The Threat Horizon Report
The Information Security Forum’s (ISF) Threat Horizon Report, released annually, has actually predicted these risks:
Threat Horizon 2019 (published in 2017) suggested that the blockchain would be under attack, subverted to commit fraud and money laundering
Threat Horizon 2020 warned that the new biometric and facial recognition systems were more error-prone, and easier to trick, than anyone realized
The 2021 Threat Horizon pointed out malicious drones as a risk for target attacks
All three of these events came to pass. Most core blockchain code is open-source, and criminal contributors to the blockchain did add back-door theft code into dependencies many blockchain systems were relying on. Facial recognition systems have been underwhelming, while airports have been shut down by drone interference.
SEE: Brute force and dictionary attacks: A cheat sheet (free PDF) (TechRepublic)
The ISF’s 2022 Report
The 2022 report, which will be released on Thursday, breaks down the next threat into three categories.
Invasive technology disrupts the everyday. The Internet of Things (IoT) brought an incredible number of internet-connected devices inside the home, the enterprise, and public spaces, many of them with microphones and video cameras. While we have already seen “Hey Siri” on television trigger the devices at home, the ISF sees attacks on these devices impacting the physical world directly, with serious impacts on privacy, security, and personal safety.
Neglected infrastructure cripples operations. “Where” the software is running is becoming increasingly cloudy and exposed to the internet. These systems are also more complex and interleaved, with growing dependencies. That means a single failure from any source: Man-man, natural, accidental, or malicious-could lead to a service outage. Meanwhile, customers increasingly expect a 24/7 enterprise. Opportunistic actors can take advantage of this increased attack surface to steal data or cripple operations.
A crisis of trust undermines digital business. The ISF sees the first two issues creating large and public failures. Think about banks or insurance companies that “lose” or “leak” money or customer information. That can lead to a lack of trust in the new, evolving cloud compute infrastructure, in brand reputation, or even in the reputation of the executives running the company. Even a company that succeeds in maintaining its integrity, that trusts the right infrastructure and hires the right employees could suffer as the crisis of trust impairs its ability to do digital business.
SEE: The 10 most important cyberattacks of the decade (free PDF) (TechRepublic)
ISF goes into much more detail about particular types of malicious actors, from robo-helpers (which they define as network-connected autonomous agents) crawling for data to “deep fakes” which is truthful digital content, manipulated by artificial intelligence to seem believable, the worst possible kind of “fake news.”
Steve Durbin, managing director of the ISF, explained how to leverage work this way: “The value lies in discussing upcoming scenarios, planning for those scenarios and, most importantly, engaging cross-organization teams in discussing the response playbook. COVID-19 has shone an additional light on the need for scenario planning for business continuity, and many organizations are already reviewing their risk postures and assessing future responses not just to the pandemic but also to other emerging threats. The Threat Horizon and its associated scenarios have a key role to play in this discussion.”